<?php
include 'constant.php';
include 'db_cred.php';

// Verifying user's credential
$query = "select u.user_name, u.user_timezone, t.timezone_offset from user u, timezone t where u.user_timezone = t.timezone and u.user_name = '" . $_REQUEST['userid'] . "' and u.user_password = '" . $_REQUEST['password'] . "'";
$result = mysql_query($query) or die('Query failed: ' . mysql_error());

if (mysql_num_rows($result) == 0)
{
  $_SESSION['login_status'] = $CONST_ERR_INCORRECT_LOGIN_CRED;
  $_SESSION['authorized_user'] = '';
}
else
{
  # set session variable for identification and caching of constant data

  $_SESSION['login_status'] = '';

  $row = mysql_fetch_assoc($result);
  $_SESSION['authorized_user'] = $row['user_name'];
  $_SESSION['user_timezone'] = $row['user_timezone'];
  $_SESSION['user_timezone_offset'] = $row['timezone_offset'];

}
// Free resultset
mysql_free_result($result);

// Closing connection
mysql_close($link);
?>


